The number of bits in an MD5 hash
What is 128 bits
A technique used to conceal data inside of other mediums to avoid detection
What is steganography
Another name for a compiled program or piece of software
What is a binary
A common vulnerability that arises from improper use of printf()
The current number one web application security risk defined by OWASP
What is broken access control
First widely used encryption scheme to make use of public-key cryptography
What is RSA
A free and open-source digital forensics toolkit for analyzing disk images
What is Autopsy
Most common debugger used in Linux-based systems
What is GDB
The deprecated C Standard Library function which reads a line from stdin into a buffer until either a terminating newline or EOF
What is gets()
Commonly used tool for analyzing and manipulating web requests, written in Java.
What is BurpSuite
A method of encryption considered perfectly secure which uses a single-use pre-shared key.
What is one-time pad
Common tool written in Python for analyzing memory dumps
What is Volatility
Tool developed by the NSA and released to the public in 2018 for reverse engineering many different types of software
What is Ghidra
The beginning of the name of many heap exploitation techniques.
ie: ____ __ force
What is house
OR
What is house of
What is www-data
OR
What is httpd
A vulnerability in OpenSSL 1.0.1 which exploited a flaw in the TLS Heartbeat extension.
The type of file created by Linux and UNIX systems when a program terminates abnormally
What is a core dump
OR
What is a core file
A method of modifying the behavior of a program permanently by modifying the static binary
What is binary patching
The number of bytes needed to completely overwrite the saved instruction pointer given that you have an arbitrary buffer overflow starting from RBP-128
What is 144 bytes
Early alternative to HTTP in the early 1990s created by Mark P. McCahill
What is the Gopher Protocol
Pseudo-random number generator created by the NSA which many believed to contain a backdoor
What is Dual EC DRBG
NIST publication which details how to integrate forensics techniques into Incident Response.
What is NIST SP 800-86
OR
What is NIST 800-86
The opcode of the smallest possible infinite loop in x86-64
What is 0xEBFE
OR
What is 0xFEEB
In x86-64 Linux, the 6 registers used for passing parameters to a syscall.
What is RDI, RSI, RDX, R10, R8, R9
A technique used to increase the likelihood of successfully triggering a race condition by eliminating jitter from interfering with the race window
What is a single-packet attack